VYPR

PyPI package

starkbank-ecdsa

pkg:pypi/starkbank-ecdsa

Vulnerabilities (1)

  • CVE-2021-43572Nov 9, 2021
    affected < 2.0.1fixed 2.0.1

    The verify function in the Stark Bank Python ECDSA library (aka starkbank-escada or ecdsa-python) before 2.0.1 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages.